2 * Copyright (c) 2017 Thomas Pornin <pornin@bolet.org>
4 * Permission is hereby granted, free of charge, to any person obtaining
5 * a copy of this software and associated documentation files (the
6 * "Software"), to deal in the Software without restriction, including
7 * without limitation the rights to use, copy, modify, merge, publish,
8 * distribute, sublicense, and/or sell copies of the Software, and to
9 * permit persons to whom the Software is furnished to do so, subject to
10 * the following conditions:
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
26 using System.Collections.Generic;
27 using System.Security.Cryptography.X509Certificates;
37 * A fake class that serves as container for various constants.
40 public sealed class SSL {
45 public const int SSL30 = 0x0300;
46 public const int TLS10 = 0x0301;
47 public const int TLS11 = 0x0302;
48 public const int TLS12 = 0x0303;
53 public const int CHANGE_CIPHER_SPEC = 20;
54 public const int ALERT = 21;
55 public const int HANDSHAKE = 22;
56 public const int APPLICATION_DATA = 23;
61 public const int WARNING = 1;
62 public const int FATAL = 2;
67 public const int CLOSE_NOTIFY = 0;
68 public const int UNEXPECTED_MESSAGE = 10;
69 public const int BAD_RECORD_MAC = 20;
70 public const int DECRYPTION_FAILED = 21;
71 public const int RECORD_OVERFLOW = 22;
72 public const int DECOMPRESSION_FAILURE = 30;
73 public const int HANDSHAKE_FAILURE = 40;
74 public const int BAD_CERTIFICATE = 42;
75 public const int UNSUPPORTED_CERTIFICATE = 43;
76 public const int CERTIFICATE_REVOKED = 44;
77 public const int CERTIFICATE_EXPIRED = 45;
78 public const int CERTIFICATE_UNKNOWN = 46;
79 public const int ILLEGAL_PARAMETER = 47;
80 public const int UNKNOWN_CA = 48;
81 public const int ACCESS_DENIED = 49;
82 public const int DECODE_ERROR = 50;
83 public const int DECRYPT_ERROR = 51;
84 public const int EXPORT_RESTRICTION = 60;
85 public const int PROTOCOL_VERSION = 70;
86 public const int INSUFFICIENT_SECURITY = 71;
87 public const int INTERNAL_ERROR = 80;
88 public const int USER_CANCELED = 90;
89 public const int NO_RENEGOTIATION = 100;
92 * Handshake message types.
94 public const int HELLO_REQUEST = 0;
95 public const int CLIENT_HELLO = 1;
96 public const int SERVER_HELLO = 2;
97 public const int CERTIFICATE = 11;
98 public const int SERVER_KEY_EXCHANGE = 12;
99 public const int CERTIFICATE_REQUEST = 13;
100 public const int SERVER_HELLO_DONE = 14;
101 public const int CERTIFICATE_VERIFY = 15;
102 public const int CLIENT_KEY_EXCHANGE = 16;
103 public const int FINISHED = 20;
110 public const int NULL_WITH_NULL_NULL = 0x0000;
111 public const int RSA_WITH_NULL_MD5 = 0x0001;
112 public const int RSA_WITH_NULL_SHA = 0x0002;
113 public const int RSA_WITH_NULL_SHA256 = 0x003B;
114 public const int RSA_WITH_RC4_128_MD5 = 0x0004;
115 public const int RSA_WITH_RC4_128_SHA = 0x0005;
116 public const int RSA_WITH_3DES_EDE_CBC_SHA = 0x000A;
117 public const int RSA_WITH_AES_128_CBC_SHA = 0x002F;
118 public const int RSA_WITH_AES_256_CBC_SHA = 0x0035;
119 public const int RSA_WITH_AES_128_CBC_SHA256 = 0x003C;
120 public const int RSA_WITH_AES_256_CBC_SHA256 = 0x003D;
121 public const int DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D;
122 public const int DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010;
123 public const int DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013;
124 public const int DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016;
125 public const int DH_DSS_WITH_AES_128_CBC_SHA = 0x0030;
126 public const int DH_RSA_WITH_AES_128_CBC_SHA = 0x0031;
127 public const int DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032;
128 public const int DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033;
129 public const int DH_DSS_WITH_AES_256_CBC_SHA = 0x0036;
130 public const int DH_RSA_WITH_AES_256_CBC_SHA = 0x0037;
131 public const int DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038;
132 public const int DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039;
133 public const int DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E;
134 public const int DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F;
135 public const int DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040;
136 public const int DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067;
137 public const int DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068;
138 public const int DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069;
139 public const int DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A;
140 public const int DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B;
141 public const int DH_anon_WITH_RC4_128_MD5 = 0x0018;
142 public const int DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B;
143 public const int DH_anon_WITH_AES_128_CBC_SHA = 0x0034;
144 public const int DH_anon_WITH_AES_256_CBC_SHA = 0x003A;
145 public const int DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C;
146 public const int DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D;
149 public const int ECDH_ECDSA_WITH_NULL_SHA = 0xC001;
150 public const int ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002;
151 public const int ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003;
152 public const int ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004;
153 public const int ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005;
154 public const int ECDHE_ECDSA_WITH_NULL_SHA = 0xC006;
155 public const int ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007;
156 public const int ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008;
157 public const int ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009;
158 public const int ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A;
159 public const int ECDH_RSA_WITH_NULL_SHA = 0xC00B;
160 public const int ECDH_RSA_WITH_RC4_128_SHA = 0xC00C;
161 public const int ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D;
162 public const int ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E;
163 public const int ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F;
164 public const int ECDHE_RSA_WITH_NULL_SHA = 0xC010;
165 public const int ECDHE_RSA_WITH_RC4_128_SHA = 0xC011;
166 public const int ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012;
167 public const int ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013;
168 public const int ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014;
169 public const int ECDH_anon_WITH_NULL_SHA = 0xC015;
170 public const int ECDH_anon_WITH_RC4_128_SHA = 0xC016;
171 public const int ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017;
172 public const int ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018;
173 public const int ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019;
176 public const int RSA_WITH_AES_128_GCM_SHA256 = 0x009C;
177 public const int RSA_WITH_AES_256_GCM_SHA384 = 0x009D;
178 public const int DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E;
179 public const int DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F;
180 public const int DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0;
181 public const int DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1;
182 public const int DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2;
183 public const int DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3;
184 public const int DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4;
185 public const int DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5;
186 public const int DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6;
187 public const int DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7;
190 public const int ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023;
191 public const int ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024;
192 public const int ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025;
193 public const int ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026;
194 public const int ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027;
195 public const int ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028;
196 public const int ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029;
197 public const int ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A;
198 public const int ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B;
199 public const int ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C;
200 public const int ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D;
201 public const int ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E;
202 public const int ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F;
203 public const int ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030;
204 public const int ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031;
205 public const int ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032;
207 /* From RFC 6655 and 7251 */
208 public const int RSA_WITH_AES_128_CCM = 0xC09C;
209 public const int RSA_WITH_AES_256_CCM = 0xC09D;
210 public const int RSA_WITH_AES_128_CCM_8 = 0xC0A0;
211 public const int RSA_WITH_AES_256_CCM_8 = 0xC0A1;
212 public const int ECDHE_ECDSA_WITH_AES_128_CCM = 0xC0AC;
213 public const int ECDHE_ECDSA_WITH_AES_256_CCM = 0xC0AD;
214 public const int ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xC0AE;
215 public const int ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xC0AF;
218 public const int ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8;
219 public const int ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9;
220 public const int DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAA;
221 public const int PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAB;
222 public const int ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAC;
223 public const int DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAD;
224 public const int RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAE;
227 public const int FALLBACK_SCSV = 0x5600;
230 public const int EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF;
233 * Client certificate types.
235 public const int RSA_SIGN = 1;
236 public const int DSS_SIGN = 2;
237 public const int RSA_FIXED_DH = 3;
238 public const int DSS_FIXED_DH = 4;
241 * Hash algorithm identifiers. The special "MD5SHA1" is for use
242 * with RSA signatures in TLS 1.0 and 1.1 only.
244 public const int MD5SHA1 = 0;
245 public const int MD5 = 1;
246 public const int SHA1 = 2;
247 public const int SHA224 = 3;
248 public const int SHA256 = 4;
249 public const int SHA384 = 5;
250 public const int SHA512 = 6;
253 * Signature algorithm identifiers.
255 public const int RSA = 1;
256 public const int DSA = 2;
257 public const int ECDSA = 3;
260 * Combined hash-and-sign algorithms.
262 public const int RSA_MD5SHA1 = (MD5SHA1 << 8) + RSA;
263 public const int RSA_MD5 = (MD5 << 8) + RSA;
264 public const int RSA_SHA1 = (SHA1 << 8) + RSA;
265 public const int RSA_SHA224 = (SHA224 << 8) + RSA;
266 public const int RSA_SHA256 = (SHA256 << 8) + RSA;
267 public const int RSA_SHA384 = (SHA384 << 8) + RSA;
268 public const int RSA_SHA512 = (SHA512 << 8) + RSA;
269 public const int ECDSA_MD5 = (MD5 << 8) + ECDSA;
270 public const int ECDSA_SHA1 = (SHA1 << 8) + ECDSA;
271 public const int ECDSA_SHA224 = (SHA224 << 8) + ECDSA;
272 public const int ECDSA_SHA256 = (SHA256 << 8) + ECDSA;
273 public const int ECDSA_SHA384 = (SHA384 << 8) + ECDSA;
274 public const int ECDSA_SHA512 = (SHA512 << 8) + ECDSA;
277 * Symbolic identifiers for named curves.
279 public const int NIST_P256 = 23;
280 public const int NIST_P384 = 24;
281 public const int NIST_P521 = 25;
282 public const int Curve25519 = 29;
285 * Get a human-readable name for a version.
287 public static string VersionName(int version)
290 case SSL30: return "SSL 3.0";
291 case TLS10: return "TLS 1.0";
292 case TLS11: return "TLS 1.1";
293 case TLS12: return "TLS 1.2";
295 if ((version >> 8) == 3) {
296 return String.Format("TLS 1.{0}", (version & 0xFF) - 1);
298 return String.Format("UNKNOWN:0x{0:X4}", version);
302 * Parse a version name.
304 public static int GetVersionByName(string s)
306 string t = s.Trim().Replace(" ", "").Replace(".", "")
307 .Replace("-", "").ToUpperInvariant();
326 throw new Exception(string.Format(
327 "Unknown protocol version: '{0}'", s));
332 * Get a human-readable name for a cipher suite.
334 public static string CipherSuiteName(int cipherSuite)
336 switch (cipherSuite) {
337 case NULL_WITH_NULL_NULL:
338 return "NULL_WITH_NULL_NULL";
339 case RSA_WITH_NULL_MD5:
340 return "RSA_WITH_NULL_MD5";
341 case RSA_WITH_NULL_SHA:
342 return "RSA_WITH_NULL_SHA";
343 case RSA_WITH_NULL_SHA256:
344 return "RSA_WITH_NULL_SHA256";
345 case RSA_WITH_RC4_128_MD5:
346 return "RSA_WITH_RC4_128_MD5";
347 case RSA_WITH_RC4_128_SHA:
348 return "RSA_WITH_RC4_128_SHA";
349 case RSA_WITH_3DES_EDE_CBC_SHA:
350 return "RSA_WITH_3DES_EDE_CBC_SHA";
351 case RSA_WITH_AES_128_CBC_SHA:
352 return "RSA_WITH_AES_128_CBC_SHA";
353 case RSA_WITH_AES_256_CBC_SHA:
354 return "RSA_WITH_AES_256_CBC_SHA";
355 case RSA_WITH_AES_128_CBC_SHA256:
356 return "RSA_WITH_AES_128_CBC_SHA256";
357 case RSA_WITH_AES_256_CBC_SHA256:
358 return "RSA_WITH_AES_256_CBC_SHA256";
359 case DH_DSS_WITH_3DES_EDE_CBC_SHA:
360 return "DH_DSS_WITH_3DES_EDE_CBC_SHA";
361 case DH_RSA_WITH_3DES_EDE_CBC_SHA:
362 return "DH_RSA_WITH_3DES_EDE_CBC_SHA";
363 case DHE_DSS_WITH_3DES_EDE_CBC_SHA:
364 return "DHE_DSS_WITH_3DES_EDE_CBC_SHA";
365 case DHE_RSA_WITH_3DES_EDE_CBC_SHA:
366 return "DHE_RSA_WITH_3DES_EDE_CBC_SHA";
367 case DH_DSS_WITH_AES_128_CBC_SHA:
368 return "DH_DSS_WITH_AES_128_CBC_SHA";
369 case DH_RSA_WITH_AES_128_CBC_SHA:
370 return "DH_RSA_WITH_AES_128_CBC_SHA";
371 case DHE_DSS_WITH_AES_128_CBC_SHA:
372 return "DHE_DSS_WITH_AES_128_CBC_SHA";
373 case DHE_RSA_WITH_AES_128_CBC_SHA:
374 return "DHE_RSA_WITH_AES_128_CBC_SHA";
375 case DH_DSS_WITH_AES_256_CBC_SHA:
376 return "DH_DSS_WITH_AES_256_CBC_SHA";
377 case DH_RSA_WITH_AES_256_CBC_SHA:
378 return "DH_RSA_WITH_AES_256_CBC_SHA";
379 case DHE_DSS_WITH_AES_256_CBC_SHA:
380 return "DHE_DSS_WITH_AES_256_CBC_SHA";
381 case DHE_RSA_WITH_AES_256_CBC_SHA:
382 return "DHE_RSA_WITH_AES_256_CBC_SHA";
383 case DH_DSS_WITH_AES_128_CBC_SHA256:
384 return "DH_DSS_WITH_AES_128_CBC_SHA256";
385 case DH_RSA_WITH_AES_128_CBC_SHA256:
386 return "DH_RSA_WITH_AES_128_CBC_SHA256";
387 case DHE_DSS_WITH_AES_128_CBC_SHA256:
388 return "DHE_DSS_WITH_AES_128_CBC_SHA256";
389 case DHE_RSA_WITH_AES_128_CBC_SHA256:
390 return "DHE_RSA_WITH_AES_128_CBC_SHA256";
391 case DH_DSS_WITH_AES_256_CBC_SHA256:
392 return "DH_DSS_WITH_AES_256_CBC_SHA256";
393 case DH_RSA_WITH_AES_256_CBC_SHA256:
394 return "DH_RSA_WITH_AES_256_CBC_SHA256";
395 case DHE_DSS_WITH_AES_256_CBC_SHA256:
396 return "DHE_DSS_WITH_AES_256_CBC_SHA256";
397 case DHE_RSA_WITH_AES_256_CBC_SHA256:
398 return "DHE_RSA_WITH_AES_256_CBC_SHA256";
399 case DH_anon_WITH_RC4_128_MD5:
400 return "DH_anon_WITH_RC4_128_MD5";
401 case DH_anon_WITH_3DES_EDE_CBC_SHA:
402 return "DH_anon_WITH_3DES_EDE_CBC_SHA";
403 case DH_anon_WITH_AES_128_CBC_SHA:
404 return "DH_anon_WITH_AES_128_CBC_SHA";
405 case DH_anon_WITH_AES_256_CBC_SHA:
406 return "DH_anon_WITH_AES_256_CBC_SHA";
407 case DH_anon_WITH_AES_128_CBC_SHA256:
408 return "DH_anon_WITH_AES_128_CBC_SHA256";
409 case DH_anon_WITH_AES_256_CBC_SHA256:
410 return "DH_anon_WITH_AES_256_CBC_SHA256";
411 case ECDH_ECDSA_WITH_NULL_SHA:
412 return "ECDH_ECDSA_WITH_NULL_SHA";
413 case ECDH_ECDSA_WITH_RC4_128_SHA:
414 return "ECDH_ECDSA_WITH_RC4_128_SHA";
415 case ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
416 return "ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA";
417 case ECDH_ECDSA_WITH_AES_128_CBC_SHA:
418 return "ECDH_ECDSA_WITH_AES_128_CBC_SHA";
419 case ECDH_ECDSA_WITH_AES_256_CBC_SHA:
420 return "ECDH_ECDSA_WITH_AES_256_CBC_SHA";
421 case ECDHE_ECDSA_WITH_NULL_SHA:
422 return "ECDHE_ECDSA_WITH_NULL_SHA";
423 case ECDHE_ECDSA_WITH_RC4_128_SHA:
424 return "ECDHE_ECDSA_WITH_RC4_128_SHA";
425 case ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
426 return "ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA";
427 case ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
428 return "ECDHE_ECDSA_WITH_AES_128_CBC_SHA";
429 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
430 return "ECDHE_ECDSA_WITH_AES_256_CBC_SHA";
431 case ECDH_RSA_WITH_NULL_SHA:
432 return "ECDH_RSA_WITH_NULL_SHA";
433 case ECDH_RSA_WITH_RC4_128_SHA:
434 return "ECDH_RSA_WITH_RC4_128_SHA";
435 case ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
436 return "ECDH_RSA_WITH_3DES_EDE_CBC_SHA";
437 case ECDH_RSA_WITH_AES_128_CBC_SHA:
438 return "ECDH_RSA_WITH_AES_128_CBC_SHA";
439 case ECDH_RSA_WITH_AES_256_CBC_SHA:
440 return "ECDH_RSA_WITH_AES_256_CBC_SHA";
441 case ECDHE_RSA_WITH_NULL_SHA:
442 return "ECDHE_RSA_WITH_NULL_SHA";
443 case ECDHE_RSA_WITH_RC4_128_SHA:
444 return "ECDHE_RSA_WITH_RC4_128_SHA";
445 case ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
446 return "ECDHE_RSA_WITH_3DES_EDE_CBC_SHA";
447 case ECDHE_RSA_WITH_AES_128_CBC_SHA:
448 return "ECDHE_RSA_WITH_AES_128_CBC_SHA";
449 case ECDHE_RSA_WITH_AES_256_CBC_SHA:
450 return "ECDHE_RSA_WITH_AES_256_CBC_SHA";
451 case ECDH_anon_WITH_NULL_SHA:
452 return "ECDH_anon_WITH_NULL_SHA";
453 case ECDH_anon_WITH_RC4_128_SHA:
454 return "ECDH_anon_WITH_RC4_128_SHA";
455 case ECDH_anon_WITH_3DES_EDE_CBC_SHA:
456 return "ECDH_anon_WITH_3DES_EDE_CBC_SHA";
457 case ECDH_anon_WITH_AES_128_CBC_SHA:
458 return "ECDH_anon_WITH_AES_128_CBC_SHA";
459 case ECDH_anon_WITH_AES_256_CBC_SHA:
460 return "ECDH_anon_WITH_AES_256_CBC_SHA";
461 case RSA_WITH_AES_128_GCM_SHA256:
462 return "RSA_WITH_AES_128_GCM_SHA256";
463 case RSA_WITH_AES_256_GCM_SHA384:
464 return "RSA_WITH_AES_256_GCM_SHA384";
465 case DHE_RSA_WITH_AES_128_GCM_SHA256:
466 return "DHE_RSA_WITH_AES_128_GCM_SHA256";
467 case DHE_RSA_WITH_AES_256_GCM_SHA384:
468 return "DHE_RSA_WITH_AES_256_GCM_SHA384";
469 case DH_RSA_WITH_AES_128_GCM_SHA256:
470 return "DH_RSA_WITH_AES_128_GCM_SHA256";
471 case DH_RSA_WITH_AES_256_GCM_SHA384:
472 return "DH_RSA_WITH_AES_256_GCM_SHA384";
473 case DHE_DSS_WITH_AES_128_GCM_SHA256:
474 return "DHE_DSS_WITH_AES_128_GCM_SHA256";
475 case DHE_DSS_WITH_AES_256_GCM_SHA384:
476 return "DHE_DSS_WITH_AES_256_GCM_SHA384";
477 case DH_DSS_WITH_AES_128_GCM_SHA256:
478 return "DH_DSS_WITH_AES_128_GCM_SHA256";
479 case DH_DSS_WITH_AES_256_GCM_SHA384:
480 return "DH_DSS_WITH_AES_256_GCM_SHA384";
481 case DH_anon_WITH_AES_128_GCM_SHA256:
482 return "DH_anon_WITH_AES_128_GCM_SHA256";
483 case DH_anon_WITH_AES_256_GCM_SHA384:
484 return "DH_anon_WITH_AES_256_GCM_SHA384";
485 case ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
486 return "ECDHE_ECDSA_WITH_AES_128_CBC_SHA256";
487 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
488 return "ECDHE_ECDSA_WITH_AES_256_CBC_SHA384";
489 case ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
490 return "ECDH_ECDSA_WITH_AES_128_CBC_SHA256";
491 case ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
492 return "ECDH_ECDSA_WITH_AES_256_CBC_SHA384";
493 case ECDHE_RSA_WITH_AES_128_CBC_SHA256:
494 return "ECDHE_RSA_WITH_AES_128_CBC_SHA256";
495 case ECDHE_RSA_WITH_AES_256_CBC_SHA384:
496 return "ECDHE_RSA_WITH_AES_256_CBC_SHA384";
497 case ECDH_RSA_WITH_AES_128_CBC_SHA256:
498 return "ECDH_RSA_WITH_AES_128_CBC_SHA256";
499 case ECDH_RSA_WITH_AES_256_CBC_SHA384:
500 return "ECDH_RSA_WITH_AES_256_CBC_SHA384";
501 case ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
502 return "ECDHE_ECDSA_WITH_AES_128_GCM_SHA256";
503 case ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
504 return "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384";
505 case ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
506 return "ECDH_ECDSA_WITH_AES_128_GCM_SHA256";
507 case ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
508 return "ECDH_ECDSA_WITH_AES_256_GCM_SHA384";
509 case ECDHE_RSA_WITH_AES_128_GCM_SHA256:
510 return "ECDHE_RSA_WITH_AES_128_GCM_SHA256";
511 case ECDHE_RSA_WITH_AES_256_GCM_SHA384:
512 return "ECDHE_RSA_WITH_AES_256_GCM_SHA384";
513 case ECDH_RSA_WITH_AES_128_GCM_SHA256:
514 return "ECDH_RSA_WITH_AES_128_GCM_SHA256";
515 case ECDH_RSA_WITH_AES_256_GCM_SHA384:
516 return "ECDH_RSA_WITH_AES_256_GCM_SHA384";
517 case RSA_WITH_AES_128_CCM:
518 return "RSA_WITH_AES_128_CCM";
519 case RSA_WITH_AES_256_CCM:
520 return "RSA_WITH_AES_256_CCM";
521 case RSA_WITH_AES_128_CCM_8:
522 return "RSA_WITH_AES_128_CCM_8";
523 case RSA_WITH_AES_256_CCM_8:
524 return "RSA_WITH_AES_256_CCM_8";
525 case ECDHE_ECDSA_WITH_AES_128_CCM:
526 return "ECDHE_ECDSA_WITH_AES_128_CCM";
527 case ECDHE_ECDSA_WITH_AES_256_CCM:
528 return "ECDHE_ECDSA_WITH_AES_256_CCM";
529 case ECDHE_ECDSA_WITH_AES_128_CCM_8:
530 return "ECDHE_ECDSA_WITH_AES_128_CCM_8";
531 case ECDHE_ECDSA_WITH_AES_256_CCM_8:
532 return "ECDHE_ECDSA_WITH_AES_256_CCM_8";
533 case ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
534 return "ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256";
535 case ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
536 return "ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256";
537 case DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
538 return "DHE_RSA_WITH_CHACHA20_POLY1305_SHA256";
539 case PSK_WITH_CHACHA20_POLY1305_SHA256:
540 return "PSK_WITH_CHACHA20_POLY1305_SHA256";
541 case ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
542 return "ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256";
543 case DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
544 return "DHE_PSK_WITH_CHACHA20_POLY1305_SHA256";
545 case RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
546 return "RSA_PSK_WITH_CHACHA20_POLY1305_SHA256";
548 return "FALLBACK_SCSV";
549 case EMPTY_RENEGOTIATION_INFO_SCSV:
550 return "EMPTY_RENEGOTIATION_INFO_SCSV";
552 return String.Format("UNKNOWN:0x{0:X4}", cipherSuite);
557 * Parse a cipher suite name.
559 public static int GetSuiteByName(string s)
561 string t = s.Trim().Replace("_", "").Replace("-", "")
563 if (t.StartsWith("TLS") || t.StartsWith("SSL")) {
567 case "NULLWITHNULLNULL":
568 return NULL_WITH_NULL_NULL;
569 case "RSAWITHNULLMD5":
570 return RSA_WITH_NULL_MD5;
571 case "RSAWITHNULLSHA":
572 return RSA_WITH_NULL_SHA;
573 case "RSAWITHNULLSHA256":
574 return RSA_WITH_NULL_SHA256;
575 case "RSAWITHRC4128MD5":
576 return RSA_WITH_RC4_128_MD5;
577 case "RSAWITHRC4128SHA":
578 return RSA_WITH_RC4_128_SHA;
579 case "RSAWITH3DESEDECBCSHA":
580 return RSA_WITH_3DES_EDE_CBC_SHA;
581 case "RSAWITHAES128CBCSHA":
582 return RSA_WITH_AES_128_CBC_SHA;
583 case "RSAWITHAES256CBCSHA":
584 return RSA_WITH_AES_256_CBC_SHA;
585 case "RSAWITHAES128CBCSHA256":
586 return RSA_WITH_AES_128_CBC_SHA256;
587 case "RSAWITHAES256CBCSHA256":
588 return RSA_WITH_AES_256_CBC_SHA256;
589 case "DHDSSWITH3DESEDECBCSHA":
590 return DH_DSS_WITH_3DES_EDE_CBC_SHA;
591 case "DHRSAWITH3DESEDECBCSHA":
592 return DH_RSA_WITH_3DES_EDE_CBC_SHA;
593 case "DHEDSSWITH3DESEDECBCSHA":
594 return DHE_DSS_WITH_3DES_EDE_CBC_SHA;
595 case "DHERSAWITH3DESEDECBCSHA":
596 return DHE_RSA_WITH_3DES_EDE_CBC_SHA;
597 case "DHDSSWITHAES128CBCSHA":
598 return DH_DSS_WITH_AES_128_CBC_SHA;
599 case "DHRSAWITHAES128CBCSHA":
600 return DH_RSA_WITH_AES_128_CBC_SHA;
601 case "DHEDSSWITHAES128CBCSHA":
602 return DHE_DSS_WITH_AES_128_CBC_SHA;
603 case "DHERSAWITHAES128CBCSHA":
604 return DHE_RSA_WITH_AES_128_CBC_SHA;
605 case "DHDSSWITHAES256CBCSHA":
606 return DH_DSS_WITH_AES_256_CBC_SHA;
607 case "DHRSAWITHAES256CBCSHA":
608 return DH_RSA_WITH_AES_256_CBC_SHA;
609 case "DHEDSSWITHAES256CBCSHA":
610 return DHE_DSS_WITH_AES_256_CBC_SHA;
611 case "DHERSAWITHAES256CBCSHA":
612 return DHE_RSA_WITH_AES_256_CBC_SHA;
613 case "DHDSSWITHAES128CBCSHA256":
614 return DH_DSS_WITH_AES_128_CBC_SHA256;
615 case "DHRSAWITHAES128CBCSHA256":
616 return DH_RSA_WITH_AES_128_CBC_SHA256;
617 case "DHEDSSWITHAES128CBCSHA256":
618 return DHE_DSS_WITH_AES_128_CBC_SHA256;
619 case "DHERSAWITHAES128CBCSHA256":
620 return DHE_RSA_WITH_AES_128_CBC_SHA256;
621 case "DHDSSWITHAES256CBCSHA256":
622 return DH_DSS_WITH_AES_256_CBC_SHA256;
623 case "DHRSAWITHAES256CBCSHA256":
624 return DH_RSA_WITH_AES_256_CBC_SHA256;
625 case "DHEDSSWITHAES256CBCSHA256":
626 return DHE_DSS_WITH_AES_256_CBC_SHA256;
627 case "DHERSAWITHAES256CBCSHA256":
628 return DHE_RSA_WITH_AES_256_CBC_SHA256;
629 case "DHANONWITHRC4128MD5":
630 return DH_anon_WITH_RC4_128_MD5;
631 case "DHANONWITH3DESEDECBCSHA":
632 return DH_anon_WITH_3DES_EDE_CBC_SHA;
633 case "DHANONWITHAES128CBCSHA":
634 return DH_anon_WITH_AES_128_CBC_SHA;
635 case "DHANONWITHAES256CBCSHA":
636 return DH_anon_WITH_AES_256_CBC_SHA;
637 case "DHANONWITHAES128CBCSHA256":
638 return DH_anon_WITH_AES_128_CBC_SHA256;
639 case "DHANONWITHAES256CBCSHA256":
640 return DH_anon_WITH_AES_256_CBC_SHA256;
641 case "ECDHECDSAWITHNULLSHA":
642 return ECDH_ECDSA_WITH_NULL_SHA;
643 case "ECDHECDSAWITHRC4128SHA":
644 return ECDH_ECDSA_WITH_RC4_128_SHA;
645 case "ECDHECDSAWITH3DESEDECBCSHA":
646 return ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA;
647 case "ECDHECDSAWITHAES128CBCSHA":
648 return ECDH_ECDSA_WITH_AES_128_CBC_SHA;
649 case "ECDHECDSAWITHAES256CBCSHA":
650 return ECDH_ECDSA_WITH_AES_256_CBC_SHA;
651 case "ECDHEECDSAWITHNULLSHA":
652 return ECDHE_ECDSA_WITH_NULL_SHA;
653 case "ECDHEECDSAWITHRC4128SHA":
654 return ECDHE_ECDSA_WITH_RC4_128_SHA;
655 case "ECDHEECDSAWITH3DESEDECBCSHA":
656 return ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA;
657 case "ECDHEECDSAWITHAES128CBCSHA":
658 return ECDHE_ECDSA_WITH_AES_128_CBC_SHA;
659 case "ECDHEECDSAWITHAES256CBCSHA":
660 return ECDHE_ECDSA_WITH_AES_256_CBC_SHA;
661 case "ECDHRSAWITHNULLSHA":
662 return ECDH_RSA_WITH_NULL_SHA;
663 case "ECDHRSAWITHRC4128SHA":
664 return ECDH_RSA_WITH_RC4_128_SHA;
665 case "ECDHRSAWITH3DESEDECBCSHA":
666 return ECDH_RSA_WITH_3DES_EDE_CBC_SHA;
667 case "ECDHRSAWITHAES128CBCSHA":
668 return ECDH_RSA_WITH_AES_128_CBC_SHA;
669 case "ECDHRSAWITHAES256CBCSHA":
670 return ECDH_RSA_WITH_AES_256_CBC_SHA;
671 case "ECDHERSAWITHNULLSHA":
672 return ECDHE_RSA_WITH_NULL_SHA;
673 case "ECDHERSAWITHRC4128SHA":
674 return ECDHE_RSA_WITH_RC4_128_SHA;
675 case "ECDHERSAWITH3DESEDECBCSHA":
676 return ECDHE_RSA_WITH_3DES_EDE_CBC_SHA;
677 case "ECDHERSAWITHAES128CBCSHA":
678 return ECDHE_RSA_WITH_AES_128_CBC_SHA;
679 case "ECDHERSAWITHAES256CBCSHA":
680 return ECDHE_RSA_WITH_AES_256_CBC_SHA;
681 case "ECDHANONWITHNULLSHA":
682 return ECDH_anon_WITH_NULL_SHA;
683 case "ECDHANONWITHRC4128SHA":
684 return ECDH_anon_WITH_RC4_128_SHA;
685 case "ECDHANONWITH3DESEDECBCSHA":
686 return ECDH_anon_WITH_3DES_EDE_CBC_SHA;
687 case "ECDHANONWITHAES128CBCSHA":
688 return ECDH_anon_WITH_AES_128_CBC_SHA;
689 case "ECDHANONWITHAES256CBCSHA":
690 return ECDH_anon_WITH_AES_256_CBC_SHA;
691 case "RSAWITHAES128GCMSHA256":
692 return RSA_WITH_AES_128_GCM_SHA256;
693 case "RSAWITHAES256GCMSHA384":
694 return RSA_WITH_AES_256_GCM_SHA384;
695 case "DHERSAWITHAES128GCMSHA256":
696 return DHE_RSA_WITH_AES_128_GCM_SHA256;
697 case "DHERSAWITHAES256GCMSHA384":
698 return DHE_RSA_WITH_AES_256_GCM_SHA384;
699 case "DHRSAWITHAES128GCMSHA256":
700 return DH_RSA_WITH_AES_128_GCM_SHA256;
701 case "DHRSAWITHAES256GCMSHA384":
702 return DH_RSA_WITH_AES_256_GCM_SHA384;
703 case "DHEDSSWITHAES128GCMSHA256":
704 return DHE_DSS_WITH_AES_128_GCM_SHA256;
705 case "DHEDSSWITHAES256GCMSHA384":
706 return DHE_DSS_WITH_AES_256_GCM_SHA384;
707 case "DHDSSWITHAES128GCMSHA256":
708 return DH_DSS_WITH_AES_128_GCM_SHA256;
709 case "DHDSSWITHAES256GCMSHA384":
710 return DH_DSS_WITH_AES_256_GCM_SHA384;
711 case "DHANONWITHAES128GCMSHA256":
712 return DH_anon_WITH_AES_128_GCM_SHA256;
713 case "DHANONWITHAES256GCMSHA384":
714 return DH_anon_WITH_AES_256_GCM_SHA384;
715 case "ECDHEECDSAWITHAES128CBCSHA256":
716 return ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
717 case "ECDHEECDSAWITHAES256CBCSHA384":
718 return ECDHE_ECDSA_WITH_AES_256_CBC_SHA384;
719 case "ECDHECDSAWITHAES128CBCSHA256":
720 return ECDH_ECDSA_WITH_AES_128_CBC_SHA256;
721 case "ECDHECDSAWITHAES256CBCSHA384":
722 return ECDH_ECDSA_WITH_AES_256_CBC_SHA384;
723 case "ECDHERSAWITHAES128CBCSHA256":
724 return ECDHE_RSA_WITH_AES_128_CBC_SHA256;
725 case "ECDHERSAWITHAES256CBCSHA384":
726 return ECDHE_RSA_WITH_AES_256_CBC_SHA384;
727 case "ECDHRSAWITHAES128CBCSHA256":
728 return ECDH_RSA_WITH_AES_128_CBC_SHA256;
729 case "ECDHRSAWITHAES256CBCSHA384":
730 return ECDH_RSA_WITH_AES_256_CBC_SHA384;
731 case "ECDHEECDSAWITHAES128GCMSHA256":
732 return ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
733 case "ECDHEECDSAWITHAES256GCMSHA384":
734 return ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;
735 case "ECDHECDSAWITHAES128GCMSHA256":
736 return ECDH_ECDSA_WITH_AES_128_GCM_SHA256;
737 case "ECDHECDSAWITHAES256GCMSHA384":
738 return ECDH_ECDSA_WITH_AES_256_GCM_SHA384;
739 case "ECDHERSAWITHAES128GCMSHA256":
740 return ECDHE_RSA_WITH_AES_128_GCM_SHA256;
741 case "ECDHERSAWITHAES256GCMSHA384":
742 return ECDHE_RSA_WITH_AES_256_GCM_SHA384;
743 case "ECDHRSAWITHAES128GCMSHA256":
744 return ECDH_RSA_WITH_AES_128_GCM_SHA256;
745 case "ECDHRSAWITHAES256GCMSHA384":
746 return ECDH_RSA_WITH_AES_256_GCM_SHA384;
747 case "RSAWITHAES128CCM":
748 return RSA_WITH_AES_128_CCM;
749 case "RSAWITHAES256CCM":
750 return RSA_WITH_AES_256_CCM;
751 case "RSAWITHAES128CCM8":
752 return RSA_WITH_AES_128_CCM_8;
753 case "RSAWITHAES256CCM8":
754 return RSA_WITH_AES_256_CCM_8;
755 case "ECDHEECDSAWITHAES128CCM":
756 return ECDHE_ECDSA_WITH_AES_128_CCM;
757 case "ECDHEECDSAWITHAES256CCM":
758 return ECDHE_ECDSA_WITH_AES_256_CCM;
759 case "ECDHEECDSAWITHAES128CCM8":
760 return ECDHE_ECDSA_WITH_AES_128_CCM_8;
761 case "ECDHEECDSAWITHAES256CCM8":
762 return ECDHE_ECDSA_WITH_AES_256_CCM_8;
763 case "ECDHERSAWITHCHACHA20POLY1305SHA256":
764 return ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
765 case "ECDHEECDSAWITHCHACHA20POLY1305SHA256":
766 return ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256;
767 case "DHERSAWITHCHACHA20POLY1305SHA256":
768 return DHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
769 case "PSKWITHCHACHA20POLY1305SHA256":
770 return PSK_WITH_CHACHA20_POLY1305_SHA256;
771 case "ECDHEPSKWITHCHACHA20POLY1305SHA256":
772 return ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256;
773 case "DHEPSKWITHCHACHA20POLY1305SHA256":
774 return DHE_PSK_WITH_CHACHA20_POLY1305_SHA256;
775 case "RSAPSKWITHCHACHA20POLY1305SHA256":
776 return RSA_PSK_WITH_CHACHA20_POLY1305_SHA256;
779 throw new Exception(string.Format(
780 "Unknown cipher suite: '{0}'", s));
785 * Get a human-readable name for a hash-and-sign algorithm.
787 public static string HashAndSignName(int hs)
790 case RSA_MD5: return "RSA_MD5";
791 case RSA_SHA1: return "RSA_SHA1";
792 case RSA_SHA224: return "RSA_SHA224";
793 case RSA_SHA256: return "RSA_SHA256";
794 case RSA_SHA384: return "RSA_SHA384";
795 case RSA_SHA512: return "RSA_SHA512";
796 case ECDSA_MD5: return "ECDSA_MD5";
797 case ECDSA_SHA1: return "ECDSA_SHA1";
798 case ECDSA_SHA224: return "ECDSA_SHA224";
799 case ECDSA_SHA256: return "ECDSA_SHA256";
800 case ECDSA_SHA384: return "ECDSA_SHA384";
801 case ECDSA_SHA512: return "ECDSA_SHA512";
803 return String.Format("UNKNOWN:0x{0:X4}", hs);
808 * Parse a hash-and-sign name.
810 public static int GetHashAndSignByName(string s)
812 string t = s.Trim().Replace(" ", "").Replace("_", "")
813 .Replace("-", "").Replace("/", "")
816 case "RSAMD5": return RSA_MD5;
817 case "RSASHA1": return RSA_SHA1;
818 case "RSASHA224": return RSA_SHA224;
819 case "RSASHA256": return RSA_SHA256;
820 case "RSASHA384": return RSA_SHA384;
821 case "RSASHA512": return RSA_SHA512;
822 case "ECDSAMD5": return ECDSA_MD5;
823 case "ECDSASHA1": return ECDSA_SHA1;
824 case "ECDSASHA224": return ECDSA_SHA224;
825 case "ECDSASHA256": return ECDSA_SHA256;
826 case "ECDSASHA384": return ECDSA_SHA384;
827 case "ECDSASHA512": return ECDSA_SHA512;
829 throw new Exception(string.Format(
830 "Unknown hash-and-sign: '{0}'", s));
835 * Get a human-readable name for a curve.
837 public static string CurveName(int id)
840 case Curve25519: return "Curve25519";
841 case NIST_P256: return "NIST_P256";
842 case NIST_P384: return "NIST_P384";
843 case NIST_P521: return "NIST_P521";
845 return String.Format("UNKNOWN:0x{0:X4}", id);
850 * Get a curve by name.
852 public static int GetCurveByName(string s)
854 string t = s.Trim().Replace(" ", "").Replace("_", "")
855 .Replace("-", "").ToLowerInvariant();
875 throw new Exception(string.Format(
876 "Unknown curve: '{0}'", s));
881 * Extract the public key from an encoded X.509 certificate.
882 * This does NOT make any attempt at validating the certificate.
884 internal static IPublicKey GetKeyFromCert(byte[] cert)
886 AsnElt ae = AsnElt.Decode(cert);
887 ae.CheckTag(AsnElt.SEQUENCE);
890 ae.CheckTag(AsnElt.SEQUENCE);
891 ae.CheckNumSubMin(6);
893 if (ae.GetSub(0).TagValue != AsnElt.INTEGER) {
894 ae.CheckNumSubMin(7);
897 return KF.DecodePublicKey(ae.GetSub(off));
900 internal static bool IsRSA(int cs)
903 case RSA_WITH_RC4_128_MD5:
904 case RSA_WITH_RC4_128_SHA:
905 case RSA_WITH_3DES_EDE_CBC_SHA:
906 case RSA_WITH_AES_128_CBC_SHA:
907 case RSA_WITH_AES_256_CBC_SHA:
908 case RSA_WITH_AES_128_CBC_SHA256:
909 case RSA_WITH_AES_256_CBC_SHA256:
910 case RSA_WITH_AES_128_GCM_SHA256:
911 case RSA_WITH_AES_256_GCM_SHA384:
912 case RSA_WITH_AES_128_CCM:
913 case RSA_WITH_AES_256_CCM:
914 case RSA_WITH_AES_128_CCM_8:
915 case RSA_WITH_AES_256_CCM_8:
922 internal static bool IsDH_DSA(int cs)
925 case DH_DSS_WITH_3DES_EDE_CBC_SHA:
926 case DH_DSS_WITH_AES_128_CBC_SHA:
927 case DH_DSS_WITH_AES_256_CBC_SHA:
928 case DH_DSS_WITH_AES_128_CBC_SHA256:
929 case DH_DSS_WITH_AES_256_CBC_SHA256:
930 case DH_DSS_WITH_AES_128_GCM_SHA256:
931 case DH_DSS_WITH_AES_256_GCM_SHA384:
938 internal static bool IsDH_RSA(int cs)
941 case DH_RSA_WITH_3DES_EDE_CBC_SHA:
942 case DH_RSA_WITH_AES_128_CBC_SHA:
943 case DH_RSA_WITH_AES_256_CBC_SHA:
944 case DH_RSA_WITH_AES_128_CBC_SHA256:
945 case DH_RSA_WITH_AES_256_CBC_SHA256:
946 case DH_RSA_WITH_AES_128_GCM_SHA256:
947 case DH_RSA_WITH_AES_256_GCM_SHA384:
954 internal static bool IsDH(int cs)
956 return IsDH_DSA(cs) || IsDH_RSA(cs);
959 internal static bool IsDHE_DSS(int cs)
962 case DHE_DSS_WITH_3DES_EDE_CBC_SHA:
963 case DHE_DSS_WITH_AES_128_CBC_SHA:
964 case DHE_DSS_WITH_AES_256_CBC_SHA:
965 case DHE_DSS_WITH_AES_128_CBC_SHA256:
966 case DHE_DSS_WITH_AES_256_CBC_SHA256:
967 case DHE_DSS_WITH_AES_128_GCM_SHA256:
968 case DHE_DSS_WITH_AES_256_GCM_SHA384:
975 internal static bool IsDHE_RSA(int cs)
978 case DHE_RSA_WITH_3DES_EDE_CBC_SHA:
979 case DHE_RSA_WITH_AES_128_CBC_SHA:
980 case DHE_RSA_WITH_AES_256_CBC_SHA:
981 case DHE_RSA_WITH_AES_128_CBC_SHA256:
982 case DHE_RSA_WITH_AES_256_CBC_SHA256:
983 case DHE_RSA_WITH_AES_128_GCM_SHA256:
984 case DHE_RSA_WITH_AES_256_GCM_SHA384:
985 case DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
992 internal static bool IsECDH_ECDSA(int cs)
995 case ECDH_ECDSA_WITH_NULL_SHA:
996 case ECDH_ECDSA_WITH_RC4_128_SHA:
997 case ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
998 case ECDH_ECDSA_WITH_AES_128_CBC_SHA:
999 case ECDH_ECDSA_WITH_AES_256_CBC_SHA:
1000 case ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
1001 case ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
1002 case ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
1003 case ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
1010 internal static bool IsECDH_RSA(int cs)
1013 case ECDH_RSA_WITH_NULL_SHA:
1014 case ECDH_RSA_WITH_RC4_128_SHA:
1015 case ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
1016 case ECDH_RSA_WITH_AES_128_CBC_SHA:
1017 case ECDH_RSA_WITH_AES_256_CBC_SHA:
1018 case ECDH_RSA_WITH_AES_128_CBC_SHA256:
1019 case ECDH_RSA_WITH_AES_256_CBC_SHA384:
1020 case ECDH_RSA_WITH_AES_128_GCM_SHA256:
1021 case ECDH_RSA_WITH_AES_256_GCM_SHA384:
1028 internal static bool IsECDH(int cs)
1030 return IsECDH_ECDSA(cs) || IsECDH_RSA(cs);
1033 internal static bool IsECDHE_ECDSA(int cs)
1036 case ECDHE_ECDSA_WITH_NULL_SHA:
1037 case ECDHE_ECDSA_WITH_RC4_128_SHA:
1038 case ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
1039 case ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
1040 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
1041 case ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
1042 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
1043 case ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
1044 case ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
1045 case ECDHE_ECDSA_WITH_AES_128_CCM:
1046 case ECDHE_ECDSA_WITH_AES_256_CCM:
1047 case ECDHE_ECDSA_WITH_AES_128_CCM_8:
1048 case ECDHE_ECDSA_WITH_AES_256_CCM_8:
1049 case ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
1056 internal static bool IsECDHE_RSA(int cs)
1059 case ECDHE_RSA_WITH_NULL_SHA:
1060 case ECDHE_RSA_WITH_RC4_128_SHA:
1061 case ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
1062 case ECDHE_RSA_WITH_AES_128_CBC_SHA:
1063 case ECDHE_RSA_WITH_AES_256_CBC_SHA:
1064 case ECDHE_RSA_WITH_AES_128_CBC_SHA256:
1065 case ECDHE_RSA_WITH_AES_256_CBC_SHA384:
1066 case ECDHE_RSA_WITH_AES_128_GCM_SHA256:
1067 case ECDHE_RSA_WITH_AES_256_GCM_SHA384:
1068 case ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
1075 internal static bool IsECDHE(int cs)
1077 return IsECDHE_RSA(cs) || IsECDHE_ECDSA(cs);
1080 internal static bool IsSHA384(int cs)
1083 case RSA_WITH_AES_256_GCM_SHA384:
1084 case DH_DSS_WITH_AES_256_GCM_SHA384:
1085 case DH_RSA_WITH_AES_256_GCM_SHA384:
1086 case DHE_DSS_WITH_AES_256_GCM_SHA384:
1087 case DHE_RSA_WITH_AES_256_GCM_SHA384:
1088 case ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
1089 case ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
1090 case ECDH_RSA_WITH_AES_256_CBC_SHA384:
1091 case ECDH_RSA_WITH_AES_256_GCM_SHA384:
1092 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
1093 case ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
1094 case ECDHE_RSA_WITH_AES_256_CBC_SHA384:
1095 case ECDHE_RSA_WITH_AES_256_GCM_SHA384:
1102 internal static bool IsTLS12(int cs)
1105 case RSA_WITH_NULL_SHA256:
1106 case RSA_WITH_AES_128_CBC_SHA256:
1107 case RSA_WITH_AES_256_CBC_SHA256:
1108 case DH_DSS_WITH_AES_128_CBC_SHA256:
1109 case DH_RSA_WITH_AES_128_CBC_SHA256:
1110 case DHE_DSS_WITH_AES_128_CBC_SHA256:
1111 case DHE_RSA_WITH_AES_128_CBC_SHA256:
1112 case DH_DSS_WITH_AES_256_CBC_SHA256:
1113 case DH_RSA_WITH_AES_256_CBC_SHA256:
1114 case DHE_DSS_WITH_AES_256_CBC_SHA256:
1115 case DHE_RSA_WITH_AES_256_CBC_SHA256:
1116 case DH_anon_WITH_AES_128_CBC_SHA256:
1117 case DH_anon_WITH_AES_256_CBC_SHA256:
1118 case RSA_WITH_AES_128_GCM_SHA256:
1119 case RSA_WITH_AES_256_GCM_SHA384:
1120 case DHE_RSA_WITH_AES_128_GCM_SHA256:
1121 case DHE_RSA_WITH_AES_256_GCM_SHA384:
1122 case DH_RSA_WITH_AES_128_GCM_SHA256:
1123 case DH_RSA_WITH_AES_256_GCM_SHA384:
1124 case DHE_DSS_WITH_AES_128_GCM_SHA256:
1125 case DHE_DSS_WITH_AES_256_GCM_SHA384:
1126 case DH_DSS_WITH_AES_128_GCM_SHA256:
1127 case DH_DSS_WITH_AES_256_GCM_SHA384:
1128 case DH_anon_WITH_AES_128_GCM_SHA256:
1129 case DH_anon_WITH_AES_256_GCM_SHA384:
1130 case ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
1131 case ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
1132 case ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
1133 case ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
1134 case ECDHE_RSA_WITH_AES_128_CBC_SHA256:
1135 case ECDHE_RSA_WITH_AES_256_CBC_SHA384:
1136 case ECDH_RSA_WITH_AES_128_CBC_SHA256:
1137 case ECDH_RSA_WITH_AES_256_CBC_SHA384:
1138 case ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
1139 case ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
1140 case ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
1141 case ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
1142 case ECDHE_RSA_WITH_AES_128_GCM_SHA256:
1143 case ECDHE_RSA_WITH_AES_256_GCM_SHA384:
1144 case ECDH_RSA_WITH_AES_128_GCM_SHA256:
1145 case ECDH_RSA_WITH_AES_256_GCM_SHA384:
1146 case RSA_WITH_AES_128_CCM:
1147 case RSA_WITH_AES_256_CCM:
1148 case RSA_WITH_AES_128_CCM_8:
1149 case RSA_WITH_AES_256_CCM_8:
1150 case ECDHE_ECDSA_WITH_AES_128_CCM:
1151 case ECDHE_ECDSA_WITH_AES_256_CCM:
1152 case ECDHE_ECDSA_WITH_AES_128_CCM_8:
1153 case ECDHE_ECDSA_WITH_AES_256_CCM_8:
1154 case ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
1155 case ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
1156 case DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
1157 case PSK_WITH_CHACHA20_POLY1305_SHA256:
1158 case ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
1159 case DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
1160 case RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
1167 internal static PRF GetPRFForTLS12(int cs)
1169 return new PRF(IsSHA384(cs)
1170 ? (IDigest)new SHA384()
1171 : (IDigest)new SHA256());
1174 internal static ECCurve GetCurveByID(int id)
1177 case NIST_P256: return EC.P256;
1178 case NIST_P384: return EC.P384;
1179 case NIST_P521: return EC.P521;
1180 case Curve25519: return EC.Curve25519;
1182 throw new SSLException("Unknown curve: " + id);
1187 * Get ID for a curve. This returns -1 if the curve is not
1190 internal static int CurveToID(ECCurve curve)
1192 switch (curve.Name) {
1193 case "P-256": return SSL.NIST_P256;
1194 case "P-384": return SSL.NIST_P384;
1195 case "P-521": return SSL.NIST_P521;
1196 case "Curve25519": return SSL.Curve25519;
1202 internal static IDigest GetHashByID(int id)
1205 case 1: return new MD5();
1206 case 2: return new SHA1();
1207 case 3: return new SHA224();
1208 case 4: return new SHA256();
1209 case 5: return new SHA384();
1210 case 6: return new SHA512();
1212 throw new SSLException("Unknown hash: " + id);